A mobile user may not be protected while disconnected from their Enterprise network (or Trusted Network). For example, when a user takes their laptop or mobile phone with them, they are able to connect to the internet and connect with any site, including sites that would be blocked by the Enterprise network. When outside the Enterprise (or Trusted) network, malware that is present on the endpoint can establish a connection that would normally be captured/blocked by devices on the enterprise network. Malware on a local network at a remote location can send packets to an endpoint and potentially gain access to the endpoint (for example by using a MSRPC (Microsoft Remote Procedure Call) from an un-trusted device on the remote network).